yujunjun/strapi
1
0
Fork 0
mirror of https://github.com/strapi/strapi.git synced 2025-07-23 09:00:19 +00:00
Code Issues Packages Projects Releases Wiki Activity
strapi/packages/strapi-plugin-users-permissions/config/policies/permissions.js
Jim LAURIE f27b2ae2f6
Merge branch 'master' into email-validation
2018-08-21 11:54:22 +02:00

73 lines
1.9 KiB
JavaScript
Raw Blame History

const _ = require('lodash');
module.exports = async (ctx, next) => {
let role;
if (ctx.request && ctx.request.header && ctx.request.header.authorization) {
try {
const { _id, id } = await strapi.plugins['users-permissions'].services.jwt.getToken(ctx);
if ((id || _id) === undefined) {
throw new Error('Invalid token: Token did not contain required fields');
}
ctx.state.user = await strapi.query('user', 'users-permissions').findOne({ _id, id });
} catch (err) {
return ctx.unauthorized(err);
}
if (!ctx.state.user) {
return ctx.unauthorized(`User Not Found.`);
}
role = ctx.state.user.role;
if (role.type === 'root') {
return await next();
}
const store = await strapi.store({
environment: '',
type: 'plugin',
name: 'users-permissions'
});
if (_.get(await store.get({key: 'advanced'}), 'email_confirmation') && ctx.state.user.confirmed !== true) {
return ctx.unauthorized('Your account email is not confirmed.');
}
if (ctx.state.user.blocked === true) {
return ctx.unauthorized(`Your account has been blocked by the administrator.`);
}
}
// Retrieve `public` role.
if (!role) {
role = await strapi.query('role', 'users-permissions').findOne({ type: 'public' }, []);
}
const route = ctx.request.route;
const permission = await strapi.query('permission', 'users-permissions').findOne({
role: role._id || role.id,
type: route.plugin || 'application',
controller: route.controller,
action: route.action,
enabled: true
}, []);
if (!permission) {
if (ctx.request.graphql === null) {
return ctx.request.graphql = strapi.errors.forbidden();
}
return ctx.forbidden();
}
// Execute the policies.
if (permission.policy) {
return await strapi.plugins['users-permissions'].config.policies[permission.policy](ctx, next);
}
// Execute the action.
await next();
};
Reference in New Issue View Git Blame Copy Permalink